1. Field of Invention
The present invention relates generally to the field of wireless communication and data networks and more particularly, in one exemplary aspect, to the implementation of user access and identification error compensation techniques in such networks.
2. Description of Related Technology
Universal Mobile Telecommunications System (UMTS) is an exemplary implementation of a “third-generation” or “3G” cellular telephone technology. The UMTS standard is specified by a collaborative body referred to as the 3rd Generation Partnership Project (3GPP). The 3GPP has adopted UMTS as a 3G cellular radio system targeted for, inter alia, European markets, in response to requirements set forth by the International Telecommunications Union (ITU). The ITU standardizes and regulates international radio and telecommunications. Enhancements to UMTS will support future evolution to fourth generation (4G) technology.
Many current developments in wireless network technologies are directed to combining the connectivity associated with various wireless technologies (such as Wi-Fi, WiMAX, and cellular). Such envisioned heterogeneous networks may enable a user to instantly establish an “ad hoc” wireless network connection to another peer device, base station (e.g., macrocell, microcell, femtocell, picocell, etc.), access point, etc. A new class of “subscription-less” data services has emerged from this framework of steadily converging wireless technologies.
Subscription-Less Data Services
Current proposals for subscription-less data services seek to minimize the complexity of traditional network management overhead. For example, some subscription-less data services will not require registration at the network or service level prior to the initiation of communication. Subscription-less data services are targeted for instant and/or transient types of communication sessions; in some cases, subscription-less services are envisioned for the provision of anonymous services (e.g., data service regardless of user identity). Subscription-less data services may be useful in a wide variety of scenarios. For example, any wireless network host may provide disposable media such as advertisements, broadcasts, multicasts, user incentives, etc. Wandering users can consume such services without any long-term commitments (e.g., contracts, fees, etc.).
Existing user access schemes provide secure user identification at the cost of significant messaging overhead, and some limited vulnerability. For example, UMTS cellular network access control is based on an authentication protocol called Authentication and Key Agreement (AKA). AKA is a challenge-response based mechanism that uses symmetric key cryptography. In the UMTS implementation of AKA, the user equipment (UE) must first identify itself before the Core Network can initiate the challenge-response; the Core Network will then initiate a challenge process to the UMTS Subscriber Identity Module (USIM), which is preprogrammed with the AKA response protocol. AKA does not tolerate differences between returned and expected responses.
Unfortunately, the complexity and security aspects of extant access control methods are in general poorly matched to the requirements of the aforementioned subscription-less data services. Accordingly, improved methods and apparatus are needed for user identification in simple or ad hoc networking systems. Furthermore, such improved solutions should ideally minimize user identification and/or registration traffic between wireless networking entities for simple or ad hoc networks. Concurrently, suitable solutions should continue to guarantee adequate amounts of user privacy protection, and “uniqueness”.
Ideally, such methods and apparatus should compensate for differences between returned and expected authentication responses. Differences between returned and expected authentication responses may be caused by any number of confounding variables, including channel corruption, radio environment, etc. While an ideal system should allow errors due to these relatively innocuous “environmental” effects, the degree of security offered by such a system must still defeat common malicious attacks.
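An added example, not part of the original text: a minimal symmetric-key challenge-response exchange of the kind described above, in which the device identifies itself, the network issues a challenge, and the returned response must match the expected one exactly, so a response with one bit flipped in transit is rejected. HMAC-SHA256 stands in for the response function, and the identity, key and all function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: one identity with a pre-shared symmetric key.
SUBSCRIBERS = {"user-001": bytes.fromhex("00112233445566778899aabbccddeeff")}

def compute_response(key: bytes, challenge: bytes) -> bytes:
    """Stand-in response function (assumption): HMAC-SHA256 cut to 8 bytes."""
    return hmac.new(key, challenge, hashlib.sha256).digest()[:8]

class Network:
    def __init__(self, subscribers):
        self.subscribers = subscribers
        self.pending = {}  # identity -> expected response for the open challenge

    def issue_challenge(self, identity: str) -> bytes:
        # The device must identify itself first so its key can be looked up.
        key = self.subscribers[identity]
        challenge = secrets.token_bytes(16)
        self.pending[identity] = compute_response(key, challenge)
        return challenge

    def verify(self, identity: str, response: bytes) -> bool:
        # pop() makes each challenge single use; comparison is exact and
        # constant time, with no tolerance for differing bits.
        expected = self.pending.pop(identity, None)
        if expected is None:
            return False
        return hmac.compare_digest(expected, response)

def flip_bit(data: bytes, bit: int) -> bytes:
    """Model channel corruption by inverting a single bit."""
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

def hamming_distance(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def run_exchange(corrupt_bit=None):
    """Return (accepted, number of bits that differ between sent and received)."""
    net = Network(SUBSCRIBERS)
    challenge = net.issue_challenge("user-001")
    sent = compute_response(SUBSCRIBERS["user-001"], challenge)
    received = sent if corrupt_bit is None else flip_bit(sent, corrupt_bit)
    return net.verify("user-001", received), hamming_distance(sent, received)
```

`run_exchange()` models a clean channel and `run_exchange(5)` a response that arrives with bit 5 inverted; the second is refused even though the device held the correct key.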